first release of puppet-shorewall

Oh, hi there.

In case you’re interested, I’ve just made a first release of my puppet-shorewall module. This isn’t meant as an exhaustive shorewall module, but it does provide most of the usual functionality that most users need.

In particular, it’s the module dependency that I use for many of my other puppet modules that provide firewalling. This is probably where you’re most likely to consume it.

In general most modules just implement shorewall::rule, so if you really don’t want to use this code, you can implement that signature yourself, or not use automatic firewalling. The shorewall::rule type has two main signatures, so have a look at the source, or a simple example if you want to get more familiar with the specifics. Using this module is highly recommended, specifically with puppet-gluster.

Please keep in mind that since I mostly use this module to open ports and to keep my other modules happy, I probably don’t have advanced traffic control features on my roadmap. If you’re looking for something that I haven’t added, contact me with the details and consider sponsoring some features.

Happy hacking,


2 thoughts on “first release of puppet-shorewall

    • Hey,

      1) Not sure if this module existed (or was public and I knew about it) when I wrote mine.
      2) My module has some fancy things that are useful for integrating in other modules. That module probably doesn’t support those, but if they’re interested, they’re welcome to look at my design and patch their code as appropriate. Maybe there are things my module could learn from their design.
      3) Took a very quick glance at this module now – seems like a lot is going on, but at first glance was a bit confusing. It would take some time for me to know if it does what I need or not. At the moment, I’m very happy with my module, although it was written as a necessary dependency for my other puppet modules, as opposed to my primary development work.
      4) Nitpick, but license is unclear. It says to see “LICENSE” file, but none exists. Is this open source?

      Hope that answers your question!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s